PHI of 3,000 Patients Exposed Due to Mailing Printing Error

Maximus Inc, a provider of business process management and technology solutions to government health and human services agencies, is alerting more than 3,000 individuals that some of their protected health information has been accidentally disclosed to other individuals as a result of a printing error on a recent mailing.

The mailing was prepared and sent by its business associate, Business Ink, between February 10 and February 13, 2018. The mailing was sent to approximately 1,100 families in Texas who participated in Medicaid and the Children’s Health Insurance Program (CHIP). The error was discovered by Maximus on February 16.

The 6-page letter included one mismatched page that included information relating to another individual. The types of information detailed on the page were limited to names, addresses, group numbers, case numbers, and program type. No highly sensitive information such as Social Security numbers, birth dates, insurance information, or financial information was exposed, and none of the information detailed on the mismatched pages would allow another individual to gain access to another person’s program account.

Since the information exposed was extremely limited, affected individuals do not need to take any action to mitigate risk. Notifications were issued out of an abundance of caution.

Maximus has investigated the incident and has received assurances that its mailing vendor has strengthened its printing processes to ensure similar errors are prevented in the future. No reports have been received to suggest any of the disclosed information has been misused in any way.

According to Databreaches.net, 3,029 individuals had information impermissibly disclosed as a result of the printing and mailing error.

About HIPAA Journal

HIPAA Journal provides the most comprehensive coverage of HIPAA news anywhere online, in addition to independent advice about HIPAA compliance and the best practices to adopt to avoid data breaches, HIPAA violations and regulatory fines. HIPAA Journal's goal is to assist HIPAA-covered entities achieve and maintain compliance with state and federal regulations governing the use, storage and disclosure of PHI and PII.